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(57) ABSTRACT 

Encryption of a key using another key that is unique and 
particular to a given client is disclosed. In one embodiment, 
a computer- implemented method determines a first key that 
is unique and particular to the client, without user interven- 
tion. In varying embodiments, this key can be one or more 
of: a processor identifier, a network card address, an IP 
address, a checksum of a component, a serial number of a 
hard disk drive, a number of cylinders of a hard disk drive, 
and a user name in a registry file. At least a second key that 
provides access to information, such as multimedia 
information, is encrypted with this first key. The second key 
as encrypted with the first key may be stored on a storage, 

8 Claims, 6 Drawing Sheets 
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KEY ENCRYPTION USING A CLIENT- 
UNIQUE ADDITIONAL KEY FOR FRAUD 
PREVENTION 

FIELD OF THE INVENTION 

This invention relates generally to encryption and decryp- 
tion of information, such as multimedia information, accom- 
plished via a key, and more particularly to additional encryp- 
tion and decryption of the key using a client-unique 
additional key for fraud prevention. 

BACKGROUND OF THE INVENTION 

The Internet has become a popular manner by which to 
purchase multimedia information such as music, a phenom- 
enon that seemingly will only increase over time as more 
consumers have the ability to connect to the Internet, and as 
their connections are at greater bandwidths to permit other 
multimedia information, such as video, to also be easily 
purchased. While actors, artists and companies responsible 
for producing and distributing such multimedia information 
generally applaud new manners of distribution, they are 
nevertheless somewhat concerned about the Internet and 
other manners by which digital versions of their content can 
be distributed. This is because a copy of a digital version of 
content can easily be duplicated illegally by consumers, 
potentially decreasing the revenue taken in by the rightful 
owners of the content. 

One solution that has been suggested and used within the 
prior art is the encryption of multimedia information via 
known encryption schemes. Usually, and especially in the 
context of multimedia information purchased by end 
consumers, the information is encrypted with a key. Knowl- 
edge of the key, therefore, is required to decrypt the infor- 
mation; without the key, the encrypted information is unin- 
telligible. Thus, even if many digital copies of a particular 
song or movie were distributed over the Internet to end users 
all over the world, unless a given end user knows the key to 
unlock the encrypted copy, the song or movie is useless. 

A barrier to the overall effectiveness of this approach is, 
however, that little deters a consumer who has purchased 
encrypted multimedia information from sharing the key 
provided to him or her with others, or even from posting the 
key on the Internet along with the encrypted information. 
While content owners can assign each purchaser of content 
a unique key, such that illegal distribution of the key can be 
traced back to the original purchaser, this puts the onus of 
enforcement on the owners themselves, which will likely be 
time-consuming and expensive. Furthermore, the owners are 
put in the uncomfortable position of bringing action against 
their own customers, which may lead to public relations and 
other problems where it turns out that the key assigned to a 
particular consumer was distributed on a large scale through 
no fault of the consumer — for example, where the key was 
stolen from the consumer. 

A solution to this and other problems is described in the 
copending, cofiled, and coassigned application Sen No. 
09/425,862 entitled "Encryption Using a User-Known and 
Personally Valuable Key to Deter Key Sharing". In this 
application, the key used for encryption of the information 
is known to the user and personally valuable to him or her, 
such as a social security number, driver's license number, 
credit card number, etc. A user is thus motivated not to share 
the key with others, since the key itself has personal value 
to him or her. 

However, this solution does not prevent the user from 
using or copying the information, such as text or multimedia 
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information, on multiple computers or devices owned or 
accessible by him or her. For example, a user may have a 
desktop computer, a portable electronic device, and a laptop 
computer, all of which the user can copy the information to, 

5 for use on any such device. However, this may be against the 
licensing terms to which the user agreed when first purchas- 
ing or otherwise obtaining the information. The seller or 
provider of the information has little recourse in this situa- 
tion within the prior art. 

10 For these and other reasons, then, there is a need for the 
present invention. 

SUMMARY OF THE INVENTION 

The invention provides for encryption of a key using 
another key that is unique and particular to a given client, 

is such as a desktop computer, a laptop computer, a portable 
electronic device, etc., for fraud prevention and other pur- 
poses. In one embodiment, a computer-implemented method 
determines a first key that is unique and particular to the 
client, without user intervention. In varying embodiments of 

20 the invention, this key can be one or more of: a processor 
identifier, a network card address, and a user name in a 
registry file. The key may also be one or more of: serial 
numbers and/or the number of cylinders of attached hard 
disk drives, checksums of the read-only memory (ROM) or 

25 other system components, the Internet Protocol (IP) address 
of the computer or system, and a combination of installed 
cards, such as sound, video, SCSI, and other cards, as the 
key. At least a second key that actually provides access to 
information, such as multimedia information, is then 
encrypted with this first key. (Other information may also be 

30 encrypted with the first key.) The second key as encrypted 
with the first key may be stored on a storage, such as a 
non-volatile memory or a hard disk drive. 

Embodiments of the invention provides for advantages 
not found within the prior art. When decryption of the 

35 information is desired, in one embodiment, the second key 
first must be decrypted using the first key. The first key is 
thus redetermined and used to decrypt the second key. 
Because the first key is specific to the underlying computer 
or device, if the encrypted second key is moved to another 

40 computer or device, it will not be decrypted successfully. 
Thus, users are restrained from copying the information to 
other clients other than that on which they first stored the 
information, without, for example, reregistering the infor- 
mation with the seller or other provider. 

45 Other embodiments of the invention enhance fraud pre- 
vention and security in still other ways. For example, the 
recording inputs may be varied when multimedia informa- 
tion is played back, so that any illicit recording will result in 
an undesirable copy of the information. As a further 

50 example, various checksums can be determined to ensure 
that the user has not made illicit changes to the playback 
software or other playback mechanism, as well as various 
system checks to detect known piracy programs that may be 
running on the system. In addition, a server can be 

55 contacted, for example, over the Internet, to update the 
player software or other playback mechanism, as well as the 
system checks that are to be performed. 

The invention includes computer-implemented methods, 
machine-readable media, computerized systems, and com- 

60 puters of varying scopes. Other aspects, embodiments and 
advantages of the invention, beyond those described here, 
will become apparent by reading the detailed description and 
with reference to the drawings. 

65 BRIEF DESCRIPTION OF THE DRAWINGS 

FIG, 1 is a diagram illustrating the operation of an 
embodiment of the invention; 
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FIG. 2 is a flowchart of a method according to an are not limited to a particular scheme by which to perform 

embodiment of the invention; encryption and decryption. Those of ordinary skill within the 

FIG. 3 is a block diagram of a representative computer or art can appreciate that many such different schemes exist, 

computerized device in conjunction with which embodi- and can be used in accordance with embodiments of the 

ments of the invention may be practiced; 5 invention. One common scheme that can be used by embodi- 

FIG. 4 is a flowchart of a checksum verification method ments of the invention, but to which the invention itself is 

according to an embodiment of the invention; not limited > 15 ™ the Data Encryption Standard, or 

Z . n i c . • , j . DES. Other known schemes include, Rivest Cipher #4 

FIG 5 is a flowchart of a piracy-signature detection ^ ^ SKIPJACK, International 

method according to an embodiment of the invention; and, j(j Enc ^ 0 / Mg0Ti{ ^ m (IDEA), Blowfish, Twofish, 

FIG. 6 is a diagram illustrating the manner by which trf . D£S ( 3DES ), EEE3) EDE3 , EEE2 , a nd EDE2. 

recording inputs can be dynamically varied during multi- « . n • .u • c j * • * 

. r a Cryptography generally is the conversion or data into a 

media information playback to thwart piracy m accordance \ f \i « e i u « •** i 

« j . t c a_ • secret code, so that, for example, it can be transmitted over 

with an embodiment of the invention. ' , , 4 . T I , tl • • i j . ■ 

a public network, such as the Internet. The original data is 

DETAILED DESCRIPTION OF THE 25 converted (encrypted) into a coded equivalent via an encryp- 

INVENTION tion algorithm, or scheme. The encrypted data is decoded. 

, , . , (decrypted) at the receiving end and turned back into the 

In the following detailed description of exemplary ^ ^ ^ ^ ^ k ; uninteU igible. 

embodiments of the invention, reference is made to the ^ , 

accompanying drawings which form a part hereof, and in 20 An encryption scheme uses a key, for example^ binary 

which is shown by way of illustration specific exemplary nuraber that 15 between 40 to 128 bits m length. The data is 

embodiments in which the invention may be practiced. " locked " for sendin g b V combining the bits in the key 

These embodiments are described in sufficient detail to mathematically with the data bits. At the receiving end, the 

enable those skilled in the art to practice the invention, and ke y is ™* to "unlock" the code, restoring it to its origmal 

it is to be understood that other embodiments may be utilized 2S binary form. Tbe particular types of keys that are used by 

and that logical, mechanical, electrical and other changes embodiments of the invention are described in a later section 

may be made without departing from the spirit or scope of of the detailed description. A key used by an encryption or 

the present invention. The following detailed description is, decryption scheme is generally referred to as a code that is 

therefore, not to be taken in a limiting sense, and the scope combined in some manner with the original data or infor- 

of the present invention is defined only by the appended 30 matioD t0 encrv Pt the data or information for security 

claims. P ur P° ses ' 

Some portions of the detailed descriptions which follow K * noted thal "> conjunction with embodiments of the 

are presented in terms of algorithms and symbolic repre- invention, a key can be a number, characters, or any com- 

sentations of operations on data bits within a computer bination thereof. That is, where a key is referred to herein as 

memory. These algorithmic descriptions and representations 35 a number > this is one exara P le of wnat a ke y can be - 111086 

are the means used by those skilled in the data processing ^ ordinary skill within the art can appreciate that the 

arts to most effectively convey the substance of their work invention is not so limited, and that keys made up of 

to others skilled in the art. An algorithm is here, and characters, as well as numbers and characters, in addition to 

generally, conceived to be a self-consistent sequence of steps numbers, are also applicable to embodiments of the 

leading to a desired result. The steps are those requiring 40 mvention. 

physical manipulations of physical quantities. Usually Operation of an Embodiment of the Invention 
though not necessarily, these quantities take the form 01 

electrical or magnetic signals capable of being stored, In this section of the detailed description, the operation of 

transferred, combined, compared, and otherwise manipu- one particular embodiment of the invention is described. The 

lated. 45 invention itself, however, is not limited to the description of 

It has proven convenient at times, principally for reasons this action. The description of this section is made in 

of common usage, to refer to these signals as bits, values, conjunction with FIG. 1. 

elements, symbols, characters, terms, numbers, or the like. It FIG. 1 is a diagram showing an encryption 100 situation, 

should be borne in mind, however, that all of these and a successful decryption 102 situation, and an unsuccessful 

similar terms are to be associated with the appropriate 50 decryption 104 situation, according to an embodiment of the 

physical quantities and are merely convenient labels applied invention. In the encryption 100, a component 106 of 

to these quantities. Unless specifically stated otherwise as computer one is used to determine a first key 108. The first 

apparent from the following discussions, it is appreciated key 108 is unique and particular to computer one. The 

that throughout the present invention, discussions utilizing component 106 has an identifier such that it can be used to 

terms such as processing or computing or calculating or 55 particularly and uniquely identify computer one. That is, the 

determining or displaying or the like, refer to the action and identifier of the component 106 is used as the first key 108, 

processes of a computer system, or similar electronic com- such that the first key 108 is unique and particular to 

puting device, that manipulates and transforms data repre- computer one. 

sented as physical (electronic) quantities within the com- The invention is not particularly limited to a given type of 

puter system's registers and memories into other data 60 component 106. In one embodiment, the component 106 is 

similarly represented as physical quantities within the com- one or more of the following: a processor that has a unique 

puter system memories or registers or other such informa- serial number or other identifier, such as an Intel Pentium III 

tion storage, transmission or display devices. processor having such an identifier; a network card having 

a unique media access controller (MAC) address; and, in 

Cryptography Background 65 em5odiments of the i nveo tion utilizing a version of the 

In this section of the detailed description, a brief summary Microsoft Windows operating system, the user name as 

of cryptography is presented. Embodiments of the invention saved in a registry file of the operating system. The com- 
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pone nt may also be one or more of: a hard disk drive having 
serial numbers and/or a particular number of cylinders, 
read-only memory (ROM) or other system components (for 
the providing of checksums thereof), the Internet Protocol 
(IP) address of the computer or system, and a combination 
of installed cards, such as sound, video, SCSI, and other 
cards. 

At least a second key that has been used to encrypt 
information, such as multimedia information, is then 
encrypted with the first key in 110. For example, the second 
key may be user-known and personally valuable 
information, as described in the copending, co assigned, and 
cofiled patent application Ser. No. 09/425,862 entitled 
"Encryption Using a User- Known and Personally Valuable 
Key to Deter Key Sharing,". In that case, information, such 
as text information or multimedia information such as video, 
audio, music, and image information, is encrypted using a 
key that is user known and personally valuable, such as a 
credit card number or a driver's license number. Thus, in 
110, this key is encrypted using the first key 108, which is 
unique and particular to computer one as based on an 
identifier of the component 106 that uniquely and particu- 
larly identifies computer one. The encrypted second key is 
stored on the storage 112, which can be a non-volatile 
memory such as a flash memory, or a hard disk drive, etc. 
The invention is not limited to a particular type of storage 
112. 

In one embodiment of the invention, more information 
than just the second key is encrypted using the first key. For 
example, user identification, server addresses, playback 
information, program configuration, etc., may be configured, 
in addition to the second key. 

The statement that the second key is encrypted using a 
first key uniquely and particularly identifying computer one 
(which can be referred to as the client computer) is now 
described. Those of ordinary skill within the art understand 
that encryption is typically performed by a key that is any 
number of bits in length, such as between 40 and 128 bits in 
length. Each bit is either a 1 or a 0. The statement that 
information is encrypted using a key as described in the 
previous paragraphs means that the ultimate key used in the 
encryption scheme is based on information that particularly 
and uniquely identifies the client computer. It does not mean 
that the key literally has to be such information, but that the 
key is based on that information in some manner — i.e., 
derived from such information. 

For example, using the identifier of the component 106 
that uniquely and particularly identifies computer one as a 
starting point, embodiments of the invention can convert or 
otherwise manipulate this information to produce the actual 
key as may be required by the encryption scheme being 
used. Each character of the identifier, for instance, may be 
converted into an eight-bit binary number, the conversions 
of all such characters concatenated together, and every 
second or third bit selected until the needed number of bits 
to make the actual key has been obtained. This is only one 
example, however, and the invention is not so limited. Thus, 
when it is stated that information that particularly and 
uniquely identifies a client computer is used as a key, those 
of ordinary skill within the art can appreciate that this is 
shorthand for stating that such information is used as a 
starting point from which the actual key used by an encryp- 
tion scheme is derived. 

The usefulness of such a key is described in relation to the 
successful decryption 102 situation, also performed on com- 
puter one, and to the unsuccessful decryption 104 situation, 
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performed on a different computer, computer two. In the 
successful decryption 104 situation, the same component 
106 is used to regenerate the first key 114 that was generated 
as the first key 108 in the encryption 100. Because the same 

5 component 106 is being used, the first key 114 regenerated 
in the successful decryption 102 situation is identical to the 
first key 108 that was initially generated during the encryp- 
tion 100 situation. Thus, when the encrypted second key is 
retrieved from the storage 112, it will be successfully 

10 decrypted in 116. 

However, in the unsuccessful decryption 104 situation, it 
is presumed that the encrypted second key was copied from 
the storage of computer one to a storage of computer 
two — the storage 122 of FIG. 1. Thus, the component 118 

15 used to regenerate the first key 120 will not be the identical 
to the component 106 used to generate the first key 108 
during encryption. It may have a different serial number, 
address, or other identifier that is used to particularly and 
uniquely identifier its computer, which in this case is com- 

20 puter two. Therefore, when the encrypted second key is 
retrieved from the storage 122, and the regenerated first key 
is used to decrypt the second key in 124, the decryption will 
be unsuccessful — because the first key 120 used for decryp- 
tion necessarily varies from the first key 108 used for 

25 encryption, since the first keys are particular and unique to 
their respective client computers, computer one and com- 
puter two, respectively. 

Therefore, using a first key to encrypt at least a second 
key, where the first key is unique and particular to the client 

30 computer, controls the distributed use of the second key. The 
second key as encrypted with the first key may be freely 
copied to other computers and similar such devices, but it 
will not be successfully decrypted unless it is decrypted on 
the computer or similar such device on which it was origi- 

35 nally encrypted. In the case of information encrypted with 
the second key that was purchased by the user of the client 
computer, this ensures that the user will not be able to copy 
and use the information on other computers or similar such 
devices that he or she owns or uses, without the permission 

40 and knowledge of the seller of the information. The user may 
copy the information to other computers freely, but because 
the first key is unique and particular to the computer on 
which the second key was encrypted, these other computers 
will not able to decrypt the second key with their own first 

45 keys. 

Methods 

In this section of the detailed description, methods 

50 according to varying embodiments of the invention are 
described. It is noted that these methods can be computer- 
implemented. Furthermore, the methods can be realized at 
least in part as one or more programs, or parts thereof, each 
having a number of instructions, running on a computer or 

55 other such device — that is, as a program executed from a 
machine- or a computer-readable medium such as a memory 
by a processor of a computer or other such device. The 
programs are desirably storable on a machine-readable 
medium such as a compact flash memory, floppy disk or a 

60 CD-ROM, for distribution and installation and execution on 
another computer. 

Referring to FIG. 2, a flowchart of one method according 
to an embodiment of the invention is shown. In 200, a first 
key that is unique and particular to a client is determined, 

65 without user intervention. The first key is unique and par- 
ticular to the client in that it particularly and uniquely 
identifies the client as compared to other clients. The client 
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is any type of computer or other such device, as is described 
in a proceeding section of the detailed description. The first 
key may be one or more of: a processor identifier, a network 
card address, and a user name in a registry file, as described 
in the preceding section of the detailed description. The key 
may also be one or more of: serial numbers and/or the 
number of cylinders of attached hard disk drives, checksums 
of the read-only memory (ROM) or other system 
component's, the Internet Protocol (IP) address of the com- 
puter or system, and a combination of installed cards, such 
as sound, video, SCSI, and other cards, as the key. The first 
key is not limited to any of these, however. The first key is 
determined without user intervention in that the first key is 
not based on input made by the user — that is, the first key is 
determined with respect to information already contained 
within the client, such as based on a component thereof, as 
described in a preceding section of the detailed description 
(although the invention itself is not so limited). 

In 202, at least a second key is encrypted with the first key. 
The second key may be used to encrypt information such as 
multimedia information, as described in the preceding sec- 
tion of the detailed description. In 204, the encrypted second 
key is stored on a storage, such as a non- volatile memory, or 
a hard disk drive, etc. The invention is not particularly 
limited to a given type of storage. 

In one embodiment of the invention, more information 
than just the second key is encrypted using the first key. For 
example, user identification, server addresses, playback 
information, program configuration, etc., may be configured, 
in addition to the second key. 

In 206, the encrypted second key is retrieved from the 
storage, and in 208, the first key is redetermined. If the 
redetermination of the first key in 208 is performed on the 
same client as the determination of the first key in 200 was 
performed, then the redetermined first key in 208 will be 
identical to the originally determined first key in 200 
(assuming that the component used to generate the first key 
in 200 has not changed or been modified). However, if the 
encrypted second key was stored on a different client, such 
that the redetermination in 208 is performed on a different 
client, then the first key redetermined in 208 will be different 
than the first key originally determined in 200. In 210, the 
second key is attempted to be decrypted based on the first 
key redetermined in 208. 

In 212, if the second key was decrypted successfully — 
that is, if the first key redetermined in 208 was the same as 
the first key originally determined in 200 — then the method 
proceeds to 214, and the method is done. However, if the 
second key was not decrypted successfully — that is, if the 
first key redetermined in 208 was not identical to the first 
key originally determined in 200 — then the method proceeds 
instead to 216, and the user is notified that the decryption 
was unsuccessful. In 218, in one embodiment of the 
invention, the user is requested to reregister the first key with 
a registering authority. For example, the user may be asked 
to reregister a purchase of the information that was 
encrypted with the second key with the seller of the 
information, by logging onto the seller's web site. The 
method then proceeds to 214, where it is finished. 

It is noted that the invention itself is not limited to the 
particular embodiment just recited. For example, in some 
cases, the user may not be notified of unsuccessful decryp- 
tion. For example, new information may be requested with- 
out explaining that any error has occurred, or a web server 
may automatically be logged onto. Furthermore, in the case 
of failed decryption, playback or other access to the infor- 
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mation may be completely disabled, or allowed only in a 
limited capacity, without any error notification. 

Representative Computer or Other Such Device 

5 In this section of the detailed description, a representative 
computer or other such device in conjunction with which 
embodiments of the invention may be practiced, and one or 
more of which can act as a client or a server as referred to 
in the previous sections of the detailed description, is 

30 described. However, the invention is not limited to the 
representative computer or other such device described 
herein. The phrase "other such device" is used to reflect the 
fact that devices other than computers can be used in 
accordance with embodiments of the invention — for 

1S example, PDA devices and MP3 devices, although the 
invention is not limited to an other such device particularly 
recited herein. 

The computer or other such device is shown in block 

2Q diagram form in FIG. 3. The computer or other such device 
400 desirably includes one or more of desirably but not 
necessarily each of the following components. The display 
402 can include a flatpanel display, such as a liquid crystal 
display (LCD), or a cathode-ray tube (CRT) display. The 

25 input device 404 can include a keyboard, a pointing device 
such as a mouse, trackball or touch pad, a touch screen, one 
or more buttons, etc. The processor 406 executes instruc- 
tions implementing methods of varying embodiments of the 
invention. In one embodiment, the processor 406 can be 

3Q considered the means to perform a method according to an 
embodiment of the invention. The communications device 
408 can be used to communicate with another computer or 
other such device — to communicate with a client, for 
example, in the case of a server, and vice-versa. The device 

35 408 may be a network adapter, a modem, a wireless 
transceiver, etc. The non -volatile storage 410 can include a 
hard disk drive, and/or non-volatile memory such as flash 
and compact flash memory, such as in the form of memory 
cards. The volatile memory 412 typically includes a version 

40 of dynamic random -access memory (DRAM), as known 
within the art. 

Other Embodiments to Promote Fraud Prevention 
and Security 

45 In this section of the detailed description, additional 
embodiments of the invention are described designed for 
promoting security and fraud prevention. Three particular 
additional embodiments are described: a checksum embodi- 
ment in conjunction with FIG. 4, a piracy signature detection 

50 embodiment in conjunction with FIG. 5, and a recording 
inputs variance embodiment in conjunction with FIG. 6. 
Each of these is now described in turn. 

Referring first to FIG. 4, a flowchart of a method of a 
checksum embodiment of the invention is shown. In 300, a 

55 checksum is determined for a player of information, the 
information itself, or both. The player can be a viewer for 
text information, or a player for multimedia information 
such as audio, music, video and image information. That is, 
the player can be playback software for the information. The 

60 information itself can be any type of information, such as 
text information or multimedia information. Still other infor- 
mation amenable to embodiments of the invention includes 
software programs, such as the electronic distribution 
thereof. The checksum is a value known within the art, and 

65 is a value used to ensure that data is stored or transmitted 
without modification. It is created in one embodiment by 
calculating the binary values in the data using an algorithm 
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(the specific type of which the invention is not particularly another embodiment, at least one of these actions also occurs 

limited to), and storing the results with the data, where the if the first key does not successfully decrypt the second key, 

data in this case is the player of the information, the as described in preceding sections of the detailed descrip- 

information itself, or both. Thus, the player and/or the tion. 

information already have a predetermined checksum target 5 ^ invention ^ not particularly limited to the manner by 

value associated therewith. whicfa ^ si lures of the ^ cy or other modification 

In 302, it is determined whether the checksum determined mechanisms m determined. In one embodiment, however, 

in 300 matches the checksum target value^ A non-match a s{ e a checksum of tne offen ding piracy or 

indicates that the player, the information, or both have been othe T modification mec hanism. This provides for easy detec- 

modified. Because such modification may indicate that the in c 

. - . , t . f •_ * £ tion oi the mechanism, 

player, the information, or both have been changed for * . * tt ™^ ^ r 

piracy or other fraudulent purposes, the information wiU not Referring finally to FIG. 6, a diagram of a recording 

be played back or otherwise allowed to be accessed if such in P uts variance embodiment of the invention is shown. The 

a non-match occurs. In this situation, the method proceeds P laver 600 15 in one embodiment playback software for 

from 304 to 306, and a checksum error is indicated. playing back information of a predetermined type, such as 

Otherwise, the method proceeds from 302 to 304, where the multimedia information like audio and video information, 

method is finished When the player 600 plays back the information, the infor- 

In one particular embodiment, a checksum is stored in a mati ° n 15 m \ ° ver out P uts - f ch as ' or v J dco out Pf- 

data block that also contains the second key, as the second ™ the °P« ratin g Vf™-™ ^ ^ ° D 3 T 

1 u u a *u a ■ a- f- 1 ~r A~* n \~A 602, in the case of audio information, tor example, or 

key has been descnbed in preceding sections of the detailed 2 n . ... , ,. , . f 

. . -n. i i • j » • j * *u another output actuation device, such as a display in the case 

description. The checksum is determined from the unen- r < * • ? • T • i_ 

cryptedversionofthedatablockinthisembodiment,before of Vlde0 f ° rm * 10n * operating systems such as 

it is encrypted with the first key and stored. Thus, this versions of the Microsoft Windows operating system the 

provides for easy determination as to whether the block has ^formation is also output such that it can be received by 

been decrypted successfully. If the checksum matches the 25 recordin S j« 50 that *™ be ™orded by a 

newly calculated checksum then the block has been recon- ™ ord ' n S d ^ as represented by the microphone 604 in 

structed successfully Furthermore, if the data block has FIG , 6 ^ h ™& the mventl0n 15 not hmited t0 such a 

been modified while encrypted, this is also able to be recording device). 

detected, because the checksums will not match. Therefore, to prevent unauthorized recording of informa- 

Referring next to FIG. 5, a flowchart of a method of a 30 tion that fa bein S bac * for ou }? ul . on an ou ? ut 

piracy signature detection embodiment of the invention is actuall i on *™<*> the levels of the recording inputs, such as 

shown. In 500, one or more system indicators are each the volume level of the recording inputs or other levels, are 

checked against a signature database of known piracy varied during playback as represented by 606 in FIG. 6. 

mechanism. Each of the system indicators in one embodi- ^ results in an unsatisfactory recording Whde the infor- 

ment is an operating system file, such as those typically 35 mation raav stlU be P resent on ^ recordin g> the volume 

saved in the windows subdirectory of the root hard drive in level ma y be constantly changing, for example, such that the 

computers running versions of the Microsoft Windows oper- recording is essentially useless. As another example in the 

ating system. However, the invention is not so limited. Other case of video multimedia information, the color levels may 

system indicators include the boot sectors of the root hard be constantly changing, such that the picture is still 

drive, as known within the art, as well as various places 40 recognizable, but of unsatisfactory condition. The means for 

within the memory of the client. The signature database var y in S the recording inputs in one embodiment of the 

contains information regarding the binary patterns of the invention can be considered a computer program which 

machine code of a particular known piracy mechanism, such mav also b > the computer program that is responsible for 

as a computer program or a virus (although the invention is P la 3™S back the ^formation itself (for example, the player 

not particularly limited to either as a piracy mechanism) 45 '* 

meant to encourage piracy of software and/or other In other embodiments of the invention, other outputs 
information, such as text and multimedia information. Thus, and/or inputs are varied instead of or in addition to the 
the database of piracy patterns is compared with existing recording inputs, in order to prevent unauthorized recording 
files and other system indicators to determine if a piracy of information that is being played back for output on an 
mechanism is present. If such a piracy mechanism is present 50 output actuation device. Furthermore, in one embodiment of 
in any of the system indicators, then playback of the the invention, such outputs and/or inputs, such as the record- 
information is prevented in 502. Furthermore, in 504, the ing inputs, are muted. The term varying the volume level is 
signature database can be periodically updated so that it inclusive of muting, however, 
remains current, and is able to detect new piracy 

mechanisms, for example, by downloading a new database 5s conclusion 

or an update file from a web site. Although specific embodiments have been illustrated and 

In one particular embodiment, detection of a modification described herein, it will be appreciated by those of ordinary 

or piracy mechanism is reported to the user. However, the skill in the art that any arrangement which is calculated to 

invention is not so limited. In other embodiments of the achieve the same purpose may be substituted for the specific 

invention, detection may result in the disabling of playback 60 embodiments shown. This application is intended to cover 

or other access to the underlying information; notification of any adaptations or variations of the present invention, 

a server that piracy or other modification mechanisms have Therefore, it is manifestly intended that this invention be 

been found; and/or, modification of the player, the limited only by the following claims and equivalents 

information, or other files that are present on the system to thereof, 

prevent them from being used at all, or to cause them to 65 I claim: 

function only in a hmited capacity (e.g., playing music at a 1. A computer-implemented method for a client, compris- 

reduced quality level, or playing only 20% of a song). In ing: 
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determining a first key unique and particular to the client 
without user intervention; 

encrypting at least a second key with the first key; 

storing the second key as encrypted with the first key on 

a storage; 5 
retrieving the second key as encrypted with the first key 

from the storage; 
redetermining the first key; 

decrypting the second key with the first key as redeter- 10 
mined; 

determining whether decrypting the second key was suc- 
cessful; and 

upon determining that decrypting the second key was 
unsuccessful, indicating so to the user and requesting 15 
that the user reregister the first key with a registering 
authority. 

2. The method of claim 1, wherein the first key comprises 
at least one of: a processor identifier, a network card address, 

an IP address, a checksum of a component, a serial number 20 
of a hard disk drive, a number of cylinders of a hard disk 
drive, and a user name in a registry file. 

3. A computer-implemented method for a client compris- 
ing: 

... 25 

determining a first key unique and particular to the client 

without user intervention; 
encrypting at least a second key with the first key; 
storing the second key as encrypted with the first key on 

a storage; 30 
retrieving the second key as encrypted with the first key 

from the storage; 
redetermining the first key; 

decrypting the second key with the first key as redeter- 35 
mined; 

determining whether decrypting the second key was suc- 
cessful; and 

upon determining that decrypting the second key was 
unsuccessful, indicating so to the user; and 40 

upon determining that decrypting the information was 
unsuccessful, requesting that the user reregister the first 
key with a registering authority. 

4. The method of claim 3, wherein the first key comprises 

at least one of: a processor identifier, a network card address, 45 
an IP address, a checksum of a component, a serial number 
of a hard disk drive, a number of cylinders of a hard disk 
drive, and a user name in a registry file. 
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5. A machine-readable medium having instructions stored 
thereon for execution by a processor of a client to perform 
a method comprising: 

determining a first key unique and particular to the client 

without user intervention; 
encrypting at least a second key with the first key; 
storing the second key as encrypted with the first key on 

a storage; 

retrieving the second key as encrypted with the first key 

from the storage; 
redetermining the first key; 

decrypting the second key with the first key as redeter- 
mined; 

determining whether decrypting the second key was suc- 
cessful; and 

upon determining that decrypting the second key was 
unsuccessful, indicating so to the user and requesting 
that the user reregister the first key with a registering 
authority. 

6. The medium of claim 5, wherein the first key comprises 
at least one of: a processor identifier, a network card address, 
an IP address, a checksum of a component, a serial number 
of a hard disk drive, a number of cylinders of a hard disk 
drive, and a user name in a registry file. 

7. An apparatus comprising; 
a storage; 

at least one component having an identifier particularly 

and uniquely identifying the apparatus; and 
means for: 

determining a first key from the identifier; 

encrypting at least a second key with the first key; and, 

storing the second key as encrypted on the storage, 
wherein the means is further for retrieving the sec- 
ond key as encrypted from the storage and redeter- 
mining the first key from the identifier; and 

decrypting the second key with the first key as 
redetermined, wherein the means is further for deter- 
mining whether decrypting the second key was suc- 
cessful and wherein the means is further for, upon 
determining that decrypting the second key was 
unsuccessful, indicating so to the user and requesting 
that the user reregister the first key with a registering 
authority. 

8. The apparatus of claim 7, wherein the at least one 
component comprises at least one of: a hard disk drive, a 
processor, a network card, and a registry file. 

***** 
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